The finance and banking sector in Malaysia is experiencing rapid digital transformation, driven by technological advancements such as cloud applications, open banking and fintech innovations. However, these advancements also pose an increased risk of cyber-attacks for the industry. With vast databases containing highly sensitive personally identifiable information (PII), corporate data and financial records, these organisations become attractive targets for cyber-attacks.
The Growing Threat Landscape
In recent times, one of the most significant developments has been the professionalisation of the cyber threat economy. Criminal groups have begun specialising in specific components of an attack, such as initial access, ransomware, and information-stealing malware, offering these services to other criminals. These “as-a-service” models lower the skill threshold required to conduct an attack, resulting in an increase in adversaries and threats. These specialist services provide execution guidance and resources for their criminal customers, thereby enhancing the effectiveness of such attacks.
In Malaysia, the frequency and severity of cybersecurity threats have been on the rise, as highlighted by Deputy Minister of Communications and Digital, Teo Nie Ching. Over the past year, the country has witnessed a significant surge in cyber-attacks, including malicious activities such as ransomware attacks, cyber espionage attempts, data leaks and cyber scams. Cyber Security Malaysia (CSM) reported 4,741 cyber threat cases last year, with 456 fraud cases recorded as of February 2023. In light of this, organisations must recognise the substantial implications that security breaches can have on their operations, finances and reputation and take action. The potential disruptions, costly remedial fees, hefty fines, and loss of trust emphasise the need for organisations to prioritise the implementation of robust technical and organisational measures to build a strong cybersecurity defence.
Cybersecurity Challenges in Finance and Banking Industry
According to the “Sophos The State of Ransomware in Financial Services 2023” report, the rate of ransomware attacks in the financial services sector has increased from 55 percent in 2022 to 64 percent in 2023. The most common root cause of these attacks in the sector was exploited vulnerabilities, accounting for 40 percent of cases, followed by compromised credentials at 23 percent.
Financial services organisations were found to have higher recovery costs compared to other sectors, with an average cost of US$2.23 million, while the cross-sector average stood at US$1.82 million. The increase in recovery costs is likely impacted by the increase in the data encryption rates for this sector and the reduced ability to stop attacks before the data was encrypted.
Furthermore, 80 percent of financial services organisations affected by ransomware reported experiencing a loss of business or revenue. This is slightly below the global cross-sector average of 84 percent, but it still highlights the significant impact of ransomware attacks on the financial services industry.
Sophos recommends the following best practices to help defend against ransomware and other cyberattacks:
- Maintaining good security hygiene, including timely patching and regularly reviewing security tool configurations
- Optimising attack preparation, including making regular backups, practicing recovering data from backups, and maintaining an up-to-date incident response plan
- Security tools that defend against the most common attack vectors, including endpoint protection with strong anti-exploit capabilities to prevent exploitation of vulnerabilities and zero trust network access (ZTNA) to thwart the abuse of compromised credentials
- Adaptive technologies that respond automatically to attacks, disrupting adversaries and buying defenders time to respond
- 24/7 threat detection, investigation and response, whether delivered in-house or in partnership with a specialist managed detection and response (MDR) service provider.
As Malaysia’s digital transformation accelerates, data and information play a crucial role in the operations and sustainability of the financial and banking industry. It is imperative for financial and banking institutions to prioritise robust cybersecurity measures to fulfil their responsibility and maintain the trust of their customers in this rapidly evolving digital landscape.
By Sandra Lee, Managing Director for Greater China, Southeast Asia & Korea, Sophos
